Configuring Common Internet File System in user mode
Prev Common Internet File System Next

Configuring Common Internet File System in user mode

This section describes how to configure CIFS in user mode.

In this mode, user authentication happens on the cluster nodes itself.

You must have NIS or some other mechanism configured on the cluster nodes to ensure the same users/groups have the same user/groups IDs on all cluster nodes.

A shared file system needs to be specified during the config operation. This file system is used to store the smbpasswd file, which contains the encrypted passwords for users. This way, users for whom passwords have been created on one cluster node, can authenticate themselves against other cluster nodes as well.

You must backup your existing smb.conf file and ensure that the /var/log/samba file exists on all cluster nodes, before running the cfsshare config command.

Note:

If CNFS is already configured on the cluster, then specify the same shared_volume and mount_point for configuration of CIFS.

 
cfsshare config [-n] -p cifs -l samba_lockdir -c \
samba_config_file -t samba_topdir -m user \
shared_disk_group shared_volume mount_point

For example:

# cfsshare config -p cifs -m user -l /var/run \
-c /etc/samba/smb.conf -t /usr lockdg vollocks /locks

Note:

Check the path of the Samba lock directory and PID directory using the smdb -b command. Use the path of the PID directory for the -l samba_lock option.

Note:

The cfsshare config command fails if the shared_volume specified is already registered with VCS. Verify that the shared_volume is not registered with VCS by examining the output from the following command:

# /opt/VRTS/bin/cfsmntadm display

If the -n option is specified when using the cfsshare config command, you must follow the steps to complete the CIFS configuration:

To complete the CIFS configuration when using the -n option

  1. Copy the following lines to your smb.conf file:
    security = user
passwd backend = smbpasswd
smbpasswd file = pvtdir/smbpasswd

    where pvtdir is the private directory of your Samba installation.

  2. Run the following command to backup your existing smbpasswd file:
    # cp -f pvtdir/smbpasswd pvtdir/smbpasswd.OLD
  3. Create a symlink in pvtdir, that points to the smbpasswd file created in the locks file system:
    # ln -sf mntpt/cifs/smbpasswd pvtdir/smbpasswd

    where mntpt is the mount point.

To unconfigure CIFS:

# cfsshare unconfig -p cifs

Note:

The unconfigure operation fails if any file systems or VIPs are being shared via CIFS protocol. Use the cfsshare delete command to stop sharing the file systems via CIFS. Use the cfsshare deletevip command to remove the VIPs.

You can configure both CNFS and CIFS at the same time by running the cfsshare config -p all command.

# cfsshare config -p all -m user -l /var/run \
-c /etc/samba/smb.conf -t /usr lockdg vollocks /locks
Prev Up Next
cfsshare manual page Home Configuring Common Internet File System in domain mode